Chinese government agencies and state-owned enterprises were recently instructed not to install the OpenClaw artificial intelligence agent on office machines, according to a report. Notices circulated to a range of public-sector organizations, including major state-owned banks, flagged security concerns related to the software.
The guidance reportedly asked organizations that had already placed OpenClaw on devices to inform their superiors immediately. The instruction reflects official attention to potential vulnerabilities tied to the program's operation.
OpenClaw is an open-source AI agent designed to run locally on a user's computer and perform a variety of autonomous tasks. The software has gained attention for capabilities such as sorting files, composing or replying to messages, and browsing the internet on behalf of the user.
However, security critics have raised alarms because OpenClaw operates with full system permissions. That level of access, the critics say, could allow the agent to execute malicious code if exploited, creating risks for systems where it is installed.
The recent advisory follows a spate of product launches by prominent Chinese technology companies that either support OpenClaw or offer similar AI agent functionality. Tencent Holdings Ltd released a tool called WorkBuddy described as operating similarly to OpenClaw, while Zhipu AI - trading as Knowledge Atlas Tech Joint Stock - and MiniMax Group Inc unveiled comparable offerings within the past week.
Summary
Authorities have warned government bodies and state-owned enterprises, including state banks, against installing the OpenClaw AI agent on office devices because of security concerns tied to the software's full system permissions. Organizations with prior installations were asked to report them to supervisors. The notices come after several major technology firms released agents that either support OpenClaw or provide similar functionality.
Key points
- Notices were sent to government agencies and state-owned enterprises, including major state-owned banks, advising against installing OpenClaw for security reasons.
- OpenClaw runs locally with full system permissions and can autonomously manage tasks such as file sorting, messaging, and web browsing.
- Recent product launches from Tencent, Zhipu AI (Knowledge Atlas Tech Joint Stock), and MiniMax Group introduced agents that mirror or support OpenClaw-like capabilities.
Risks and uncertainties
- Security risk from software that operates with full system permissions - relevant to government IT environments and banking systems.
- Potential for malicious exploitation if the agent is misused or compromised - a concern for any organization running the software locally.